[XMR] Monero - A secure, private, untraceable cryptocurrency

[americanpegasus]

Why not MyMonero as a secure online service instead of Poloniex?

 
 
That's not a bad idea.  Perhaps quarters, with 25% on Poloniex and 25% on MyMonero.   I feel pretty safe from the user end considering that Polo has 2 factor authentication and is KYC compliant, but precautions are always a good thing. 

[GingerAle]

bury those in tin cans in my grandmas back yard.

you must spread them to the 4 corners of the earth! And then go on an epic quest filled with fire and elvish women!

[americanpegasus]

As far as the grandma's back yard solution, that sounds like I might as well download a vanity Monero address generator, install it on a clean OS install, and then send coins to that offline cold computer.  From there I can choose to record the private keys on paper, or just keep the laptop itself off limits (encrypted, just like the CD backup)

Is there a reliable vanity address generator?  Or should I just run the Monero client and make a random? 

[americanpegasus]

Also, off-topic shout out to TrueCrypt...  I don't know if the Cryptonote people are the same ones behind the incredible TrueCrypt program, but I've been using it for a decade and it was my first foray into the word of encryption.  
  
In 2005 the idea that I could create a plausibly deniable hidden volume that would be lost forever  was about the coolest thing  I could ever imagine.  
  
So much thank-you to whatever heroes were behind that marvel.

[cAPSLOCK]

Why not MyMonero as a secure online service instead of Poloniex?

 
 
That's not a bad idea.  Perhaps quarters, with 25% on Poloniex and 25% on MyMonero.   I feel pretty safe from the user end considering that Polo has 2 factor authentication and is KYC compliant, but precautions are always a good thing. 

There is plenty of evidence that storing ANY amount of crypto in a place where someone else holds the private keys is a recipe for disaster. Exchanges which lost coins had 2FA as well.

Word to the wise: hold your own private keys.

[smooth]

Word to the wise: hold your own private keys.

And hold them safely.

[MilkyLep]

With the reduced memory requirements is it time for me to set up my dedicated full node? 

I saw a brand new HP Intel Celeron laptop with 2GB of memory on sale at Best Buy last night for $179.  It was too good of a deal so I bought it.  I've been planning to create a Monero "pretty-secure" wallet station for a while so I'm not holding all my coins on Poloniex. 
 
The ultimate plan for the savings is to hold a third in a secure online service (currently Poloniex), a third on a full node running on a laptop only used to run that full node (with an encrypted backup), and a third in cold storage. 
 
Thoughts?  Also, this little thing came with Windows 8.  I've never used a Linux distro before, but I was thinking about trying it for this project. 
 
(also, I would obviously only play around with test amounts of coins until I am very confident in my abilities to send/receive Monero on a direct level)

Duuuuudeeeee! Cmon that is just so wrong on another level. As others have said no matter the login security or whatever perception you have on their compliance exchanges have proven to be unreliable. Keeping control of your own funds is one of the main draws to crypto in the first place. I was there when Polo had it's first incident and was honestly impressed with how it was handled.

However when there are other legitimate options such as MyMonero or MoneroMoo's http://moneroaddress.org/ these options should be taken advantage of. I realize and understand you may want to trade on Polo thus requiring a balance however when that balance is 1/3 , 1/2 or 1/1 of your total holdings you begin to swim in dangerous waters. Maybe your level of risk is higher and you feel fine completely trusting an exchange, but I'd hate to see a staunch supporter as yourself get burned so early into the Monero economy.

[GingerAle]

With the reduced memory requirements is it time for me to set up my dedicated full node? 

I saw a brand new HP Intel Celeron laptop with 2GB of memory on sale at Best Buy last night for $179.  It was too good of a deal so I bought it.  I've been planning to create a Monero "pretty-secure" wallet station for a while so I'm not holding all my coins on Poloniex. 
 
The ultimate plan for the savings is to hold a third in a secure online service (currently Poloniex), a third on a full node running on a laptop only used to run that full node (with an encrypted backup), and a third in cold storage. 
 
Thoughts?  Also, this little thing came with Windows 8.  I've never used a Linux distro before, but I was thinking about trying it for this project. 
 
(also, I would obviously only play around with test amounts of coins until I am very confident in my abilities to send/receive Monero on a direct level)

Duuuuudeeeee! Cmon that is just so wrong on another level. As others have said no matter the login security or whatever perception you have on their compliance exchanges have proven to be unreliable. Keeping control of your own funds is one of the main draws to crypto in the first place. I was there when Polo had it's first incident and was honestly impressed with how it was handled.

However when there are other legitimate options such as MyMonero or MoneroMoo's http://moneroaddress.org/ these options should be taken advantage of. I realize and understand you may want to trade on Polo thus requiring a balance however when that balance is 1/3 , 1/2 or 1/1 of your total holdings you begin to swim in dangerous waters. Maybe your level of risk is higher and you feel fine completely trusting an exchange, but I'd hate to see a staunch supporter as yourself get burned so early into the Monero economy.

I know. This shit blows my mother-f**in mind. Cryptocurrency, invented to keep the banks out of our finances... and what do people do? Create new banks (and call them exchanges). HURTS MAH BRAIN!

and yes AP - get that fresh new PC of yours running linux, without a doubt.

[americanpegasus]

OK, ok, ok!  Don't fuck me up.    
  
But consider this: think of me as a bridge between a normal person and the crypto geniuses as yourselves.  Now, if this is the way *I* see it by default you can imagine how the average person sees it by default.  
  
Not everyone wants to be their own bank.  Most people honestly want others to take responsibility for things for them.  
  
Until we have a solution that's easier than banks and resides on people's mobile phones, crypto banks will always exist because there is profit to be made.  
  
To understand human preferences and how to pierce the mass market you need to understand why we keep choosing glossy and simple solutions over more advanced and technically superior ones...  Time and time again.  
  
 If we make Monero glossy, easy, and make it a status symbol to transact in Monero (have people assign ephemeral qualities to Monero ownership), *then* we are looking at true mass acceptance.  
  
Until then, humans will keep going for the easy solution because humans hardware has not had the chance to catch up to the radical changes that have happened around them in the past century and we are pretty much still running a fork of caveman software.

[ArticMine]

This is what I do. I started with Bitcoin back in 2011 then added Namecoin and then Monero. I have not lost any crypto currency nor fiat for that matter to either computer hacks or "Goxed" exchanges (including Mt Gox itself). By the way I still keep my Mt Gox Yubikey on my keychain as a powerful reminder to not leave funds in an exchange longer than is strictly necessary for trading.

Here is what I do
1) Install GNU/Linux as the host. If one is using Windows XP or Windows 7 migrating to Ubuntu is way easier for non techs than migrating to Windows 8.x or Windows 10.
2) Do not enter any passwords or store unencrypted keys wallets etc on any computer where Microsoft Windows is the host (even in a GNU/Linux virtual machine) or on any virtual Microsoft Windows guest. This is critical. Windows malware is a very common cause for lost coins!
3) Run your own full node or nodes with an encrypted wallet.
4) Make multiple backups of the Keys files for Monero: wallet.bin.keys together with wallet.bin.address.txt as well as the Monero words.  For Bitcoin (reference client)  wallet.dat etc.
5) Get Encryption software either use the tools built into GNU/Linux or for the not so tech minded use Truecrypt.  Yes this is still good and easy to use https://www.grc.com/misc/truecrypt/truecrypt.htm
6) Store these encrypted backups in many different safe places one can think of using as many varied technologies and locations as one can think of. These can range from multiple computer hard drives, usb hard drives, optical media, floppy disks, online email accounts, online services, bank safety deposit boxes, with friends, relatives etc. The NSA shared folders in Windows 10, iCloud etc are perfectly fine for this, remember it was encrypted on GNU/Linux!
7) Regularly test these backups on a second node on a different computer to make sure everything works. Perform a dummy run on a simulated house burns down scenario, disaster etc. Can you get your coins after fleeing a disaster etc?
Use mobile wallets / online wallets for minimal daily spending amounts only say under 200 XMR equivalent at current exchange rates.
9) Consider Estate planing.
10) Be creative. A 5.25 in floppy disk in a bank safety deposit box can be very effective. If the safety deposit box is compromised, the obsolete technology will slow down an attacker long enough in order for the rightful owner to empty the wallet. On the other hand the executor of your estate has ample time to figure out how to read the floppy disk. This can work to store encryption passwords for example.

[kazuki49]

Be your own bank = you need to deal with the security yourself. ArticMine steps are pretty much identical to mine, I can't believe people store crypto in Windows machines, unless its in an encrypted format and never decrypted not even for test. Mymonero is perfect for a hotwallet, anything else (poloniex included) I would not trust.

[g4q34g4qg47ww]

we' mostly kidding. But there exists the reality that these supposedly reliable exhanges get cleaned out regularly. Usually there are small warning signs that most ignore. Then in happens, moral levels in the in the community are low because every feels bad. The exchange typically fucking dies. This would especially hurt if it was your only exchange with decent volume. And this is adds to he stigma of people on the fence about be BTC, how many looks at each other and say" actually lets not buy any fucking btc, it all goes missing". I'm mostly making conversation and its not about you, but its fun to learn how to make a secure wallet that you understand and feel safe about it. If you have a big position you should definitely take controll of it and be the only one with private keys.

[Johnny Mnemonic]

Not everyone wants to be their own bank.  Most people honestly want others to take responsibility for things for them.  

I truly think this is crypto's greatest flaw, and it will likely never be remedied. Few people are comfortable being solely responsible for securing their wealth, and even those who are I'd bet are more afraid of losing their keys or fucking something up than becoming victims of theft.

Centralized banking has its benefits, and it's up to us to diversify according to our risk tolerance.

[g4q34g4qg47ww]

2) Do not enter any passwords or store unencrypted keys wallets etc on any computer where Microsoft Windows is the host (even in a GNU/Linux virtual machine) or on any virtual Microsoft Windows guest. This is critical. Windows malware is a very common cause for lost coins!
3) Run your own full node or nodes with an encrypted wallet.

I just want to clarify please, your are saying not to write down instructions to recreate your password or the password itself anywhere within the windows or virtual machine accessed through windows. Does this mean that virtual machine in general is considered some what severley compromised and it be more prudent to just boot to straight to linux? Thanks for your help.

[romerun]

LMDB sync from scratch in just over 3 hours, and daemon using only 60MB to 100MB RAM. DB is so small I can't find it. What a difference!

LMDB? Did you just say its possible to sync monero chain from scratch in 3 hours ? I have spent 2.5  days syncing with bitmonerod and still not get to half, how can I enable that LMDB thing?

[smooth]

LMDB sync from scratch in just over 3 hours, and daemon using only 60MB to 100MB RAM. DB is so small I can't find it. What a difference!

LMDB? Did you just say its possible to sync monero chain from scratch in 3 hours ? I have spent 2.5  days syncing with bitmonerod and still not get to half, how can I enable that LMDB thing?

You have to build from source (github).

Of course, your sync speed will depend on hardware and bandwidth. But in virtually all cases it will be much faster than the older version.

[romerun]

LMDB sync from scratch in just over 3 hours, and daemon using only 60MB to 100MB RAM. DB is so small I can't find it. What a difference!

LMDB? Did you just say its possible to sync monero chain from scratch in 3 hours ? I have spent 2.5  days syncing with bitmonerod and still not get to half, how can I enable that LMDB thing?

You have to build from source (github).

Of course, your sync speed will depend on hardware and bandwidth. But in virtually all cases it will be much faster than the older version.

I built from source. It does not use a lot of ram as the prebuilt binary, but its not fast at all. Load avg is about 5. Maybe its heavy on IO and my encrypted drive is slow.

[smooth]

LMDB sync from scratch in just over 3 hours, and daemon using only 60MB to 100MB RAM. DB is so small I can't find it. What a difference!

LMDB? Did you just say its possible to sync monero chain from scratch in 3 hours ? I have spent 2.5  days syncing with bitmonerod and still not get to half, how can I enable that LMDB thing?

You have to build from source (github).

Of course, your sync speed will depend on hardware and bandwidth. But in virtually all cases it will be much faster than the older version.

I built from source. It does not use a lot of ram as the prebuilt binary, but its not fast at all. Load avg is about 5. Maybe its heavy on IO and my encrypted drive is slow.

That could be.

[MoneroMooo]

I built from source. It does not use a lot of ram as the prebuilt binary, but its not fast at all. Load avg is about 5. Maybe its heavy on IO and my encrypted drive is slow.

You can look at the outout of "top". Near the top, you should see a line starting with "%Cpu(s):
If you get a high % in the wa field, you're waiting on I/O. If you get lots in us, it's busy CPU crunching in user space.

[dreamspark]

2) Do not enter any passwords or store unencrypted keys wallets etc on any computer where Microsoft Windows is the host (even in a GNU/Linux virtual machine) or on any virtual Microsoft Windows guest. This is critical. Windows malware is a very common cause for lost coins!
3) Run your own full node or nodes with an encrypted wallet.

I just want to clarify please, your are saying not to write down instructions to recreate your password or the password itself anywhere within the windows or virtual machine accessed through windows. Does this mean that virtual machine in general is considered some what severley compromised and it be more prudent to just boot to straight to linux? Thanks for your help.

If you're concerned with windows malware then yes. It is better to not boot to windows at all. The point being made though is to make extra sure that no plain text passwords or password clues are being stored in the windows environment.